[keycloak-dev] Group Based Policy

Bill Burke bburke at redhat.com
Tue Jun 6 17:52:01 EDT 2017


I don't think we have any group claim token mappers.


On 6/6/17 2:37 PM, Pedro Igor Silva wrote:
> Hi All,
>
> I'm adding a Group Based Policy to our set of supported policies.
> Basically, this policy allows you to define the group(s) you want to give
> access to some resource or scope.
>
> Would like to share my initial scope with you and see if you guys have
> anything else to add:
>
> * Users can select one or more groups
> * Users can define groups using paths (e.g.: /Group A/Group B/*, /Group A,
> /Group A/Group B)
> * Users can decide whether or not access is granted if the identity is a
> member of all or any of the selected groups
> * Users can decide whether or not access extends to sub-groups of a parent
> group
>
> Please, let me know your thoughts.
>
> Regards.
> Pedro Igor
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev



More information about the keycloak-dev mailing list